unencrypted data | Breaking Cybersecurity News | The Hacker News

An application should always encrypt users' sensitive data, either it is local or stored on company servers, but still many popular services failed to provide fully secured solutions to their users. Cristian Dinu (DrOptix) and Dragoş Gaftoneanu , Romanian programmers at Hackyard Security Group , a private community dedicated to IT security research approaches ' The Hacker News ' editorial and claimed that the Microsoft owned most popular free voice calling service Skype leaves its local database unencrypted, that puts users' sensitive information at risk. All Skype-to-Skype voice, video, file transfers and instant messages are encrypted. Though, Skype's local database is also supposed to be encrypted because it is sensitive enough, but  Dragoş  found that Skype leaves users' full name, birthday, phone numbers, country, city and even full chat conversations unencrypted on the systems' hard drive in a known location without any encryption or password....

Last week we reported a critical vulnerability in the world's most popular messaging application WhatsApp, that could expose users' GPS location data to hackers  and was discovered by the researchers at UNH Cyber Forensics Research & Education Group. Same Group of researchers reported new set of vulnerabilities in another most popular messaging application ' VIber '. They claimed that Viber's poor data security practices threaten privacy of its more than 150 million active users. Cross Platform messaging app Viber allows registered users to share text messages, images, doodles, GPS Location and videos with each other, along with its popular free voice calling feature which is available for Android, iOS, Windows Phone, Blackberry and Desktops as well. The researchers found that users' data stored on the Viber Amazon Servers including images and videos are stored in an unencrypted form that could be easily accessed without any authentication i.e.which giv...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...